Lucene search

K

ApacheCVELIST:CVE-2022-31780

HistoryAug 10, 2022 - 12:00 a.m.

CVE-2022-31780 HTTP/2 framing vulnerabilities

2022-08-1000:00:00

CWE-20

apache

www.cve.org

1

0.003 Low

EPSS

Percentile

68.0%

Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

CNA Affected

[
  {
    "vendor": "Apache Software Foundation",
    "product": "Apache Traffic Server",
    "versions": [
      {
        "version": "8.0.0 to 9.1.2",
        "status": "affected"
      }
    ]
  }
]

References

lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21

lists.debian.org/debian-lts-announce/2023/01/msg00019.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/

www.debian.org/security/2022/dsa-5206

0.003 Low

EPSS

Percentile

68.0%

Related for CVELIST:CVE-2022-31780

osv3 ubuntucve1 nvd1 prion1 cnvd1 cve1 debiancve1 veracode1 openvas5 nessus2 debian2 fedora2